1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
PublicDate: 2007-03-06
Candidate: CVE-2007-1267
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1267
Description:
Sylpheed 2.2.7 and earlier does not properly use the --status-fd argument
when invoking GnuPG, which prevents Sylpheed from visually distinguishing
between signed and unsigned portions of OpenPGP messages with multiple
components, which allows remote attackers to forge the contents of a
message without detection.
Ubuntu-Description:
Notes:
fujitsu> Not important, as GnuPG was fixed in CVE-2007-1263.
Bugs:
Priority: negligible
#sid_PKG:
#dapper_PKG:
#edgy_PKG:
#feisty_PKG:
#devel_PKG:
dapper_sylpheed: ignored (reached end-of-life)
edgy_sylpheed: needed (reached end-of-life)
feisty_sylpheed: needed (reached end-of-life)
gutsy_sylpheed: needed (reached end-of-life)
hardy_sylpheed: not-affected
intrepid_sylpheed: not-affected
jaunty_sylpheed: not-affected
karmic_sylpheed: not-affected
devel_sylpheed: not-affected
upstream_sylpheed:
|